# Re2o firewall with nftables

This script builds a firewall from Re2o information using nftables.

# What it does :

- Fetches the MAC-IP table from Re2o and uses it to filter traffic from the adherent NAT;
- Creates a NAT table for FedeRez and Adherent, and NATs the admin and prerezotage VLANs properly.

# What it does not do (yet) :

- Fetch opened ports from Re2o and filter traffic with that information.

# Install :

```
cd /usr/local/
git clone --recursive https://gitlab.rezometz.org/klafyvel/firewall.git
# The remaining commands run from inside the cloned repository
cd firewall
apt install python3 python3-click python3-iso8601
cp config.ini.example config.ini
vim config.ini
chmod +x main.py
cp firewall.service /etc/systemd/system/
systemctl start firewall.service
# cron does not start in the repository directory, so change into it first
echo "* * * * * root cd /usr/local/firewall && /usr/bin/python3 main.py macip 2>&1 | /usr/bin/logger -t firewall" >> /etc/cron.d/firewall
```

# Usage :

See `./main.py --help`.

# Dependencies :

- re2oapi
- python3-click
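The MAC-IP filtering listed under "What it does" can be expressed as an nftables set of `ipv4_addr . ether_addr` pairs that is refreshed on every cron run. The sketch below is an added example, not this project's code: the table name `inet firewall`, the set name `ip_mac` and the `(mac, ip)` input shape are assumptions. It validates every pair before it reaches the nft script and replaces the set contents in a single transaction.

```python
import ipaddress
import re

# Hypothetical names: the page does not say which table or set the script uses.
TABLE = "inet firewall"
SET_NAME = "ip_mac"

MAC_RE = re.compile(r"^[0-9a-f]{2}(:[0-9a-f]{2}){5}$")


def normalize_pair(mac, ip):
    """Return (ip, mac) in canonical form, or raise ValueError."""
    mac = mac.strip().lower().replace("-", ":")
    if not MAC_RE.match(mac):
        raise ValueError(f"bad MAC address: {mac!r}")
    # IPv4Address accepts only a plain dotted-quad literal, so stray nft
    # syntax in an inventory record cannot end up in the generated script.
    addr = ipaddress.IPv4Address(ip.strip())
    return str(addr), mac


def render_macip_update(pairs):
    """Build an nft script that replaces the set contents atomically.

    Invalid records are skipped and reported instead of aborting the run,
    so one bad entry cannot leave the set empty.
    """
    elements, rejected = set(), []
    for mac, ip in pairs:
        try:
            elements.add(normalize_pair(mac, ip))
        except ValueError as exc:
            rejected.append(str(exc))
    lines = [f"flush set {TABLE} {SET_NAME}"]
    if elements:
        body = ", ".join(f"{ip} . {mac}" for ip, mac in sorted(elements))
        lines.append(f"add element {TABLE} {SET_NAME} {{ {body} }}")
    return "\n".join(lines) + "\n", rejected


# Constructed sample data: (mac, ip) pairs, the last one malformed.
SAMPLE = [
    ("AA:BB:CC:00:11:22", "10.69.0.10"),
    ("aa-bb-cc-00-11-33", "10.69.0.11"),
    ("aa:bb:cc:00:11:44", "10.69.0.12 }"),
]

if __name__ == "__main__":
    script, rejected = render_macip_update(SAMPLE)
    print(script, end="")  # pipe into `nft -f -` to apply in one transaction
    for msg in rejected:
        print("rejected:", msg)
```

A forward-chain rule such as `ip saddr . ether saddr @ip_mac accept` followed by a drop would then admit only registered pairs; because the flush and the add are loaded from one file, nft applies them together and the set is never observed empty.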